Vulnerabilities > Google > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-05-10 | CVE-2022-20009 | Out-of-bounds Write vulnerability in Google Android In various functions of the USB gadget subsystem, there is a possible out of bounds write due to a missing bounds check. | 7.2 |
| 2022-05-10 | CVE-2022-20113 | Unspecified vulnerability in Google Android 12.0/12.1 In mPreference of DefaultUsbConfigurationPreferenceController.java, there is a possible way to enable file transfer mode due to a logic error in the code. | 7.2 |
| 2022-05-10 | CVE-2022-20114 | Improper Privilege Management vulnerability in Google Android In placeCall of TelecomManager.java, there is a possible way for an application to keep itself running with foreground service importance due to a permissions bypass. | 7.2 |
| 2022-05-10 | CVE-2022-20116 | Unspecified vulnerability in Google Android 12.0/12.1 In onEntryUpdated of OngoingCallController.kt, it is possible to launch non-exported activities due to intent redirection. | 7.2 |
| 2022-05-03 | CVE-2022-20109 | Unspecified vulnerability in Google Android In ion, there is a possible use after free due to improper update of reference count. | 7.8 |
| 2022-05-03 | CVE-2022-20110 | Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability in Google Android In ion, there is a possible use after free due to a race condition. | 7.0 |
| 2022-05-03 | CVE-2022-28781 | Improper Input Validation vulnerability in Google Android 11.0/12.0 Improper input validation in Settings prior to SMR-May-2022 Release 1 allows attackers to launch arbitrary activity with system privilege. | 7.2 |
| 2022-05-01 | CVE-2022-25647 | Deserialization of Untrusted Data vulnerability in multiple products The package com.google.code.gson:gson before 2.8.9 are vulnerable to Deserialization of Untrusted Data via the writeReplace() method in internal classes, which may lead to DoS attacks. | 7.5 |
| 2022-04-12 | CVE-2021-0694 | Incorrect Authorization vulnerability in Google Android 11.0 In setServiceForegroundInnerLocked of ActiveServices.java, there is a possible way for a background application to regain foreground permissions due to insufficient background restrictions. | 7.2 |
| 2022-04-12 | CVE-2021-0707 | Use After Free vulnerability in Google Android In dma_buf_release of dma-buf.c, there is a possible memory corruption due to a use after free. | 7.2 |